CVE-2026-44947

EUVD-2026-40327
A missing clean-up in the legacy Project Role Template Binding (PRTB) 
reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security 
Admission (PSA) permissions after an administrator removes those 
permissions from a RoleTemplate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
suseCNA
6.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N